Archive for September, 2009

Removing Quarantine from Large Numbers of Files on Mac OS X

So,  you’ve wound up with a huge number of files, folders and sub-folders with a extended attribute?  (I’ll assume you already know that Mac OS X puts this on downloaded files for security reasons.  This is the thing that triggers the OS to ask you if you’re sure you want to open something that came from the internet.)  See my other recent entry on why this may have happened if you don’t know.

To remove these will take some scripting. The only thing that removes them that is provided in the OS is the command-line tool “xattr”.   Unfortunately, you can’t just specify a folder to cleanse recursively.

I did experiment with xattr and some scripts for it that I found on the internet.  But they ran terribly slowly.  Depending on the situation, they may produce a lot of “no such attribute” errors which made things even slower. After watching one such script grind on for a while,  I ran

ls -laR | grep “@” | wc -l

and it promptly showed 600+ items with extended attributes still remaining.

I finally hit upon this shell script which did the whole thing in a blink for everything in the current working directory:

for f in find ./ -type d
cd “$f”
xattr -d *

Calling xattr with “*” cleans out an entire directory very quickly.  It may still generate errors if some of the files/folders do not have a matching extended attribute.  The results of “find ./ -type d” are only the directories in the tree, so we call xattr once for each directory instead of once for each file.

I was hoping to make this into an easier-to-use script for use in a drag-and-drop applescript application, but I ran out of time.


Prevent Quarantine on Archives from getting Expanded

Today I had a problem which I thought was related to having the extended attribute on a folder with a large number of files and subfolders.

In the end, I had removed the quarantine from them all (topic for another post).  It wasn’t the source of the problem at hand, but it did wind up with an important lesson:  remove quarantine from any .zip file before decompressing it.  Apple’s “Archive Utility” (the program that does the decompression) will maintain the quarantine attribute through every file, directory, and sub-directory.

If you’ve got a directory with a huge number of files set with this, look for my blog post on removing them all.

Tags: , , , ,

Controlling Macs with No Keyboard: CD Tray

Titling this one was a little harder than most somehow.   I guess part of it is that there are so many ways to express this.

Today I needed to use a Mac whose monitor got … appropriated… by my family for other purposes. I just needed to use a piece of software there that is only needed once in a … well, almost never.

To get to the point, Apple’s Remote Desktop product is nice, and offers good control, but doesn’t have anything I could find that would eject the tray.  If a disk had been already in it, it could have been used to eject that of course.

Anyway,  the first solution I found is a command-line tool in the Mac:  drutil.  Just connect to the “headless” Mac with SSH in a terminal (there are plenty of how-to’s available via Google) then type this:

drutil -drive 1 tray open

The tray popped out and my problem is solved.

I tried putting this into an AppleScript application so that I could put it on the dock. Then it would only be a click away.  A quick test showed that this does nothing if a disk is actually mounted from the drive.  No error message is generated. It also became clear that this command is literal, it will only open the tray.   To close the tray, I had to issue the reverse command:

drutil -drive 1 tray close

(I suppose that’ll require another AppleScript application.)

If you’d like one, just type the following line into a blank document in the AppleScript Editor program.  The quotes are necessary to send the whole thing together,  othewise AppleScript will try to interpret each word in the line.

do shell script “drutil -drive 1 tray open”

I did search around to see if there was an open/close command.  After all, the eject button on the keyboard gets it right. (when one is connected) and so does the drive’s button (when its not covered up by the Mac case.)  But I didn’t turn up anything in the few minutes available.


Tags: , ,

Google Tip for Mac Users

It can be difficult to search for Macintosh answers on Google because people spell “Mac OS X” so many ways.  They use  “MacOSX”, “MacOS X”, MacOS-X and “Mac OS X”.  (“Mac OS X” is the official 3-word version according to Apple.)

To cast a wide net with Google searches,  you search for “mac-os-x” with your other search terms.  When you use dashes instead of spaces, Google is free to interpret them as either spaces or non-spaces.  It will find all of the variations I pointed out above.  You won’t miss the answer to your question just because you used a different variation than the person who wrote the answer.


SQLite Missing Functions in iPhone 2.x

While trying to improve my app’s memory usage, I tried to add a call to SQLite’s routine to release memory cache: sqlite3_release_memory().   But when I tried to build it, I got the following error:

ErrorDot“_sqlite3_release_memory”, referenced from:
-[AppDelegate applicationDidReceiveMemoryWarning:] in AppDelegate.o
symbol(s) not found
collect2: ld returned 1 exit status

Read the rest of this entry »

Tags: ,

iPhone Developer Group Meetings in Orlando

I was surprised recently to see how many groups are starting up around iPhone development in the Orlando area.  I’ll compile my list into a page and see how it works out.

I’ve attended two meetings and enjoyed both greatly.  The levels of focus, curiosity, and participation were great.  The discussions of just development challenges in general were also very good.

  • NSCoder Orlando (site twitter)   – meets every Tuesday
  • Mac & iPhone Developer Meetup (site twitter)  –
  • Orlando Cocoa-Heads  (site twitter)  – 2nd Tuesdays suggested, but still variable

The Panera’s restaurant downtime for the Mac & iPhone meetup group was pretty tough to find parking near, so go with a little extra time for that. Maybe take $5 or so in cash if you have to pay for a parking space.   That Panera’s does close at 8:30 pm.  While they are very gracious to people lingering, you won’t be able to get in or buy anything after that.

If you are more interested in a group for simply using the iPhone, check out the meetings of  the Florida Macintosh Users Group.  All the meetings wind up talking about iPhones at some point, but some will have different focus.

  • FLMUG main meeting (site twitter)
  • iPhone SIG (special interest group)  (site twitter)
  • FLMUG Business SIG (site twitter meetup)

Tags: , , , ,

Clues to fake emails and hacking attempts

I’ve long ago had my email addresses pulled into every spammer, scammer and dot-con mailing list.  My addresses are old as I long ago registered my own domain so I could have whatever name I wanted and wouldn’t have to change my address ever again. Also, I’ve worked at a well-known internet company, so my employee accounts were targeted by determined social hackers.

When I’ve heard of people having their accounts hacked, it always seemed like it was someone new to the internet or new to being a specific target of hacking or scamming.  So at a certain point I used to give quick little orientation speeches to people when they joined my part of the company.  I was lucky when I joined, my office neighbor was very much helpful in answering my questions about strange message and emails. So, I passed it on.

So here I’ll start my series on how to spot fake emails.  I’ll probably start a different series on quick and easy ways to manage email in general, but that is a different topic.   This topic is about the unknown email that you’ve just opened.

  • Clue 1:  They don’t know your actual name.
  • Clue 2: They don’t seem to be very good at typing your language.
  • Clue 3: You’ve never dealt with their (claimed) company.
  • Clue 4: The From: address doesn’t show the (claimed) company URL
  • Clue 5: The “convenient link” doesn’t lead to the (claimed) company URL
Clue 1:  They don’t know your actual name.

This is just one of the biggest red flags to me.  Whenever you start an account with a bank, cable company, electric company, loan company, mail-order internet sales company, or the simplest free blog online,  you tell them your name.  They now know your name.  The simplest of programs can put that name at the beginning of an email that is address directly to you. (Maybe not in generic sales messages.)  My bank does it when they notify me of a problem (not too often thankfully), Paypal does it, AOL does it, does it.

If they address you as “dear customer”,  or “VIP Member” or “Dear [first part of email address]”, they are showing that they don’t know your name.

(Don’t assume that knowing your actual name is proof of a legitimate email.  Hackers have evolved from “Phishing” emails with generic terms to “Spear Phishing” in which they get your name from the address book of computer infected with their virus, then send you a message with your real name in it.)

Clue 2: They don’t seem to be very good at typing your language.

Companies are usually very sensitive about their appearance and appeal to customers.  They put extra effort into sending clear messages with terms and phrases that are well-chosen.  They don’t usually send official emails with poor grammar or poor spelling.

Clue 3: You’ve never dealt with their (claimed) company.

Well, you’ve probably already gotten used to deleting these things.  If you never had an account why would they be bothering you?   If someone has stolen your identity and they are looking to collect on a debt, you will probably get a piece of paper in the regular mail.

Clue 4: The From: address doesn’t show the (claimed) company URL

Citibank doesn’t send email through or  But scammers do.

Clue 5: The “convenient link” doesn’t lead to the (claimed) company URL

Most email readers these days will show you where the link actually leads before you click it.  On my Mac, Apple Mail will show the real URL if you hover the mouse over the link for a second or two.  If they don’t, they will usually give you a “copy link” option when you control-click or right-click on them.   Then you can open a new window and paste them into the address bar or search box or paste them into a text file in another program.

Citibank won’t send a link to anything that doesn’t start with “”

NOTE:  if there is something between the “.com” and first “/”, then it is almost certainly bogus.  A “feature” of URLs is the ability to supply a user name.  So  is a trick because the “@” makes everything before it into a username for the stuff to the right of it.  There must be a slash “/” after the “.com”.   A legitimate company could make use of the user name for convenient links, but they won’t since its such a red flag for the rest of us and there are better ways to provide it after the slash.  (example:


I’m such a “VIP”

Well, apparently in the eyes of all the Dot-Cons out there.   The new fad amongst these scammers is to send emails that say something about a VIP status.  If they refer to you as “VIP Member” instead referring to you by name, that’s your red flag that this is a fake.

Thankfully it becomes clear pretty quickly because the scammers tend to copycat each other so badly.


Is your Apple warranty still active?

After helping the great folks at my daughter’s school with an external monitor issue, it seemed the problem was in the Mac itself. So naturally, questions about the status of the warranty came up.  I knew that all the Apple Authorized service centers can look up the status, but getting someone on the phone isn’t necessarily easy or convenient (especially during off-hours.)

So, Googling (sp?) for the answer turned up a page I had not found before (ok, I had not really looked in a long time) :

You can put in your serial number and get an answer immediately about the status of your warranty.

Things to know:

It can be a real pain to find and read the really tiny serial number sticker on a modern Mac, iPod or iPhone (or maybe its just my eyes going downhill).  Much easier,  you can copy and past the serial number from the “System Profiler” utility. Its in the “Hardware Overview” information which comes up first by default.  You can find the System Profiler in the “Utilities” folder in the “Applications” folder,  or you can go to the Apple Menu, select “About This Mac”, then press the “More Info” button.

If you bought an AppleCare extended warranty, but the site only shows a 1-year warranty, it may be that the extended warranty didn’t get registered. (The registration instructions should be in the box.) It may or may not have been automatically registered if you bought the computer and AppleCare together at an Apple Store.  You have to buy an AppleCare extended warranty while the original 1-year warranty is still good.  If you bought it, but didn’t register it, you may have to call Apple or talk to someone in an Apple store and show them the purchase receipt showing both the Mac purchase and the AppleCare purchase.  Someone can then re-instate the extended warranty.

Tags: , , ,